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This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . (Currently Amended) A method of sending encrypted streamed data 
over an IP network from a first node to a second node, the method comprising: 

using a first protocol to establish a first security association (SAD I nternet K e y 

Exchange (IKE) Phase 1 negotiation to estab l ish an I KE secur i ty assoc i ation (SA) 

between the first and second nodes; 

using the first protocol to establish a first security association (SAD over a 

second protocol between the first and second nodes: 

modifying the second security association (SA2) by using selected components 

of the second protocol for providing encryption at the first node of the streamed data 

between the first and second nodes: 

constructing datagrams containing segments of the encrypted streamed data in 

the datagram payload, the datagrams including a reduced overhead corresponding to 

the selected components: and 

sending the datagrams from the first node to the second node- 
entering IKE Phase 2 to negotiate an IPS e c SA for e ach transmiss i on dir e ction: 
passing th e IPSoo SA data to stream e d data app l ications associat e d w i th th e 

streamed data; 

encrypt i ng th e streamed data at the first node with a cipher using a shared s e cr e t 
form i ng part of said IPS e c SA; 

constructing — IP d a tagrams conta i ning th e e ncrypt e d str e am e d data, th e 
datagrams not inc l uding an I PS e c h e ad e r or h e ad e rs; and 

sending th e I P datagrams from th e first nod e to tho second nodo. 

2. (Currently Amended) A method according to claim 1, wherein said 
streamed data is VoIP data or videoconferencing data , wherein said streamed data 
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packets do not include IPSec headers, authentication headers (AH) and encapsulation 
security pavload (ESP) headers . 

3. (Previously Presented) A method according to claim 1 , wherein said 
first and second nodes are end points for the data. 

4. (Previously Presented) A method according to claim 1, wherein said 
first and second nodes tunnel data between respective end points. 

5. (Currently Amended) An apparatus for sending s e curing streamed 
data over an IP network from a first node to a second node, the apparatus comprising: 

processing means and memory containing software instructions for implementing 
IPSec protocols: 

an applicat i on for d eli v e r i ng str e am e d data; 

means for using a first protocol to establish a first security association (SA1) 
Internet Koy Exchange (IKE) Phase 1 negotiation to establish an IKE security 
association (SA) between the first and second nodes; 

means for using the first protocol to establish a first security association (SAD 
over a second protocol between the first and second nodes; 

means for modifying the second security association (SA2) by using selected 
components of the second protocol for providing encryption at the forst node of the 
streamed data between the first and second nodes; 

means for constructing datagrams containing segments of the encrypted 
streamed data in the datagram pavload, the datagrams including a reduced overhead 
corresponding to the selected components; and 

means for sending the datagrams from the first node to the second node. 

m e ans for e nt e ring I KE Phas e 2 n e got i at i on to n e gotiate an IPS e c SA for e ach 
transm i ss i on d i r e ct i on; 

m e ans for pass i ng th e I PS e c SA data to app li cations associated with th e 
str e am e d data, 
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encrypting m e ans for encrypt i ng tho stroam o d data at tho first nodo with a cipher 
us i ng a shared s e cret form i ng part of said IPS e o SA; 

moans for constructing IP datagrams containing th o e ncrypted str e am e d data, 
tho datagrams not including an IPS o c h e ader or headers; and 

transm i ssion moans for sending tho IP datagrams from the first nodo to th e 
s e cond nod e . 

6. (Original) Apparatus according to claim 5, the apparatus being an end 
user terminal such as a telephone, communicator, PDA or palmtop computer, or a 
personal computer (PC). 

7. (Currently Amended) Apparatus according to claim 6, the apparatus 
being a firewall or gateway coupled to the first node, which is the source of the 
streamed data , wherein the streamed data packets do not include IPSec headers, 
authentication headers (AH) and encapsulation security pavload (ESP) headers . 
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